NYDFS Penalizes Cruise Ship Operator For Failing To Prevent And Timely Report Cyberattacks
July 12, 2022
On June 23, 2022, the New York Department of Financial Services issued a Consent Order finding that cruise ship operator Carnival Corporation violated the Department's cybersecurity regulation by failing to implement required policies and procedures as well as report several cyber incidents that the company experienced. The enforcement action signals DFS's determination to ensure all licensed entities—including victims of cyberattacks—fully protect sensitive customer and employee data by rigorously adhering to NYDFS's cybersecurity regulation.
Download PDF